import { NextRequest } from 'next/server';
import { withMiddleware } from '@/lib/middleware/entry';
import { prisma } from '@/lib/prisma';
import { authenticateRequest } from '@/utils/auth';

async function handler(req: NextRequest) {
  const authResult = await authenticateRequest(req);
  if (!authResult.success || authResult?.user?.role !== 1) {
    throw new Error('权限不足');
  }

  const { id } = await req.json();

  if (!id) {
    throw new Error('ID 为必填项');
  }

  await prisma.user.delete({
    where: { id },
  });

  return { message: '删除成功' };
}

export const POST = withMiddleware(handler);